Online Student File Management System
by Janobe
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-13485 | Hig | 0.47 | 7.3 | 0.00 | Nov 21, 2025 | A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The… | ||
| CVE-2025-10482 | Hig | 0.47 | 7.3 | 0.00 | Sep 15, 2025 | A vulnerability was detected in SourceCodester Online Student File Management System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now… | ||
| CVE-2025-10479 | Hig | 0.47 | 7.3 | 0.00 | Sep 15, 2025 | A security flaw has been discovered in SourceCodester Online Student File Management System 1.0. The impacted element is an unknown function of the file /index.php. Performing manipulation of the argument stud_no results in sql injection. The attack may be initiated remotely.… | ||
| CVE-2025-10595 | Med | 0.41 | 6.3 | 0.00 | Sep 17, 2025 | A vulnerability has been found in SourceCodester Online Student File Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/delete_user.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated… | ||
| CVE-2025-10594 | Med | 0.41 | 6.3 | 0.00 | Sep 17, 2025 | A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/delete_student.php. Executing manipulation of the argument stud_id can lead to sql injection. It is possible to launch… | ||
| CVE-2025-10593 | Med | 0.41 | 6.3 | 0.00 | Sep 17, 2025 | A vulnerability was detected in SourceCodester Online Student File Management System 1.0. Affected is an unknown function of the file /admin/update_student.php. Performing manipulation of the argument stud_id results in sql injection. It is possible to initiate the attack… | ||
| CVE-2025-10483 | Med | 0.41 | 6.3 | 0.00 | Sep 15, 2025 | A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/save_user.php. This manipulation of the argument firstname causes sql injection. The attack is possible to be carried… | ||
| CVE-2025-10481 | Med | 0.41 | 6.3 | 0.00 | Sep 15, 2025 | A security vulnerability has been detected in SourceCodester Online Student File Management System 1.0. This impacts an unknown function of the file /remove_file.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The… | ||
| CVE-2025-10480 | Med | 0.41 | 6.3 | 0.00 | Sep 15, 2025 | A weakness has been identified in SourceCodester Online Student File Management System 1.0. This affects an unknown function of the file /save_file.php. Executing manipulation can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made… | ||
| CVE-2023-6945 | 0.00 | — | 0.01 | Dec 19, 2023 | A vulnerability has been found in SourceCodester Online Student Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file edit-student-detail.php. The manipulation of the argument notmsg leads to cross site… | |||
| CVE-2023-1397 | 0.00 | — | 0.01 | Mar 14, 2023 | A vulnerability classified as problematic has been found in SourceCodester Online Student Management System 1.0. Affected is an unknown function of the file profile.php. The manipulation of the argument adminname leads to cross site scripting. It is possible to launch the attack… | |||
| CVE-2023-27213 | 0.00 | — | 0.01 | Mar 9, 2023 | Online Student Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter at /eduauth/student/search.php. | |||
| CVE-2023-1099 | 0.00 | — | 0.01 | Feb 28, 2023 | A vulnerability was found in SourceCodester Online Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file eduauth/edit-class-detail.php. The manipulation of the argument editid leads to sql injection. The… | |||
| CVE-2021-44599 | 0.00 | — | 0.01 | Dec 23, 2021 | The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to SQL injection attacks. A crafted payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The… |
- risk 0.47cvss 7.3epss 0.00
A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was detected in SourceCodester Online Student File Management System 1.0. Affected is an unknown function of the file /admin/index.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now…
- risk 0.47cvss 7.3epss 0.00
A security flaw has been discovered in SourceCodester Online Student File Management System 1.0. The impacted element is an unknown function of the file /index.php. Performing manipulation of the argument stud_no results in sql injection. The attack may be initiated remotely.…
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in SourceCodester Online Student File Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/delete_user.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated…
- risk 0.41cvss 6.3epss 0.00
A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/delete_student.php. Executing manipulation of the argument stud_id can lead to sql injection. It is possible to launch…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was detected in SourceCodester Online Student File Management System 1.0. Affected is an unknown function of the file /admin/update_student.php. Performing manipulation of the argument stud_id results in sql injection. It is possible to initiate the attack…
- risk 0.41cvss 6.3epss 0.00
A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/save_user.php. This manipulation of the argument firstname causes sql injection. The attack is possible to be carried…
- risk 0.41cvss 6.3epss 0.00
A security vulnerability has been detected in SourceCodester Online Student File Management System 1.0. This impacts an unknown function of the file /remove_file.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The…
- risk 0.41cvss 6.3epss 0.00
A weakness has been identified in SourceCodester Online Student File Management System 1.0. This affects an unknown function of the file /save_file.php. Executing manipulation can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made…
- CVE-2023-6945Dec 19, 2023risk 0.00cvss —epss 0.01
A vulnerability has been found in SourceCodester Online Student Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file edit-student-detail.php. The manipulation of the argument notmsg leads to cross site…
- CVE-2023-1397Mar 14, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as problematic has been found in SourceCodester Online Student Management System 1.0. Affected is an unknown function of the file profile.php. The manipulation of the argument adminname leads to cross site scripting. It is possible to launch the attack…
- CVE-2023-27213Mar 9, 2023risk 0.00cvss —epss 0.01
Online Student Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter at /eduauth/student/search.php.
- CVE-2023-1099Feb 28, 2023risk 0.00cvss —epss 0.01
A vulnerability was found in SourceCodester Online Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file eduauth/edit-class-detail.php. The manipulation of the argument editid leads to sql injection. The…
- CVE-2021-44599Dec 23, 2021risk 0.00cvss —epss 0.01
The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to SQL injection attacks. A crafted payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The…